An interesting legal/regulatory update about electronic signatures in simple words:
- The DGFT stands for Director General of Foreign Trade. It’s a body attached to the Ministry of Commerce that regulates imports and exports in India. As per its website – it is a “facilitator” of foreign trade to and from India.
- Any entity importing TO or exporting FROM India currently cannot operate without possessing an IEC or “Importer Exporter Code”
- For various goods being importer or exported, entities may require permissions and/or authorizations from the DGFT. In its role as “facilitator” the DGFT has notified a new digital platform for entities to manage their applications completely digitally.
- As per the DGFT’s new notification – dated 28 October 2020 – the DGFT mandated that the User IDs of entities for this new digital platform must be linked with their IECs. Makes sense right? The DGFT wants to bring its all-important IEC into the digital fold.
Electronic signature as a linking mechanism
So how exactly do entities link their User IDs with their IECs?
Through an electronic signature.
But how can a signature be used as a linking mechanism?
Several personal details of a subscriber (i.e the person in whose name the eSign will be issued) – obtained via the KYC reflect on the electronic signature certificate. These include details such as subscriber name, gender, PIN Code last 4 digits of Aadhaar (in case of Aadhaar eSign) etc.
How it is likely to work in this case
- The IEC of an entity contains their name and other details
- The name is a common parameter – contained in both the IEC and the eSign certificate of the entity
- For linking, the DGFT portal will give the entities an option to electronically sign.
- Once the entity eSigns – the “name” parameter on the electronic signature certificate gets matched against the “name” on the IEC. If there is a match – linking becomes successful.
An underrated use of eSign
An important thing to note is that the electronic signature DOES NOT get affixed on any document in the above process.
It doesn’t need to.
Any signing process is essentially an authentication process. When we physically sign on documents – we authenticate our identity on that document.
In the case of an electronic signature, the entity/signer authenticates via a PIN or OTP (for Aadhaar eSign) which results in generation of an electronic signature certificate.
This certificate CAN be affixed on documents if necessary (that’s what platforms like Leegality do.
But it doesn’t NEED to be.
The electronic signature certificate also serves as a tool for verification.
Electronic signing is therefore not just a document signing process – but is also a reliable security procedure.
Can you use an electronic signature as both a document signing process AND a security procedure?
At Leegality, we’ve built a powerful tool that allows you to take advantage of the operational benefits of document signing while guarding against signature fraud through the security procedure that eSign architecture offers.
Through our Smart Certificate Verifier – you can now collect signatures from customers AND verify whether the signature certificate details match with details they have given you.
You can check it out here.